DEF CON Exhibitors List

Start your Red Team training with us! Altered Security offers multiple Red Team courses with affordable and enterprise-like hands-on labs. Each course comes with an industry-recognized certification. We are the creators of the Certified Red Team Professional (CRTP), CRTE, CARTP and more. Our courses and labs are designed by experts who have more than a decade’s experience of training and speaking at worlds top hacker conferences. Join more than 40K professionals from 130+ countries.

Authentik Security is the Public Benefit Company behind authentik, an open source identity provider with over a million installations. Authentik Security is bringing modern identity and access management to organizations worldwide, replacing inflexible legacy alternatives for leading companies like Cloudflare, Der Spiegel, and CoreWeave. We are a fully remote team and always looking for more backend dev and identity experts and enthusiasts to join our mission. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!

BHIS is owned by us—no investors, no outside agendas. We’ll never have investors because our focus is on you. Our Business Capture team isn’t chasing commissions. Our Content & Community team doesn’t measure success by revenue. And our technical consultants are always improving, thinking creatively about how to serve you best. We do this, because we grew up inspired by heroes in stories—those who never gave up. But every hero had help: a guide, a mentor, a magical sword. We want to be that for you—your guide, your mentor, your sword supplier—so you can keep fighting the good fight.

We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Bugcrowd Platform™. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero-day exploits. With unmatched scalability and adaptability, our data and AI-driven CrowdMatch™ technology in our platform finds the perfect talent for your unique fight. We are creating a new era of modern crowdsourced security that outpaces threat actors.

Capitol Technology University joins DC33 as a leader in technology higher education. With flexible undergraduate and graduate programs available online and on-campus, CapTechU equips the next generation of tech innovators and global STEM professionals for career success. Visit our booth to discuss your career goals with our expert staff, grab free info and swag, purchase our exclusive DEF CON 33 limited-edition t-shirt and light-up badge, and snap a photo with our Charlie the Charger mascot. Don’t miss this opportunity to charge up your future!

As America’s Cyber Defense Agency and the National Coordinator for critical infrastructure resiliency and security, CISA leads the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every hour of every day. We connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, communications, and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people.

Formal gives you visibility and control where you need it most: at the point of data access. It sits between your AI agents, services, and datastore – Snowflake, APIs, whatever – and inspects every request in real time. You get deep, protocol-level context: who made the call, what was requested, whether it involved PII, and what policy should apply.

What is critical for AI governance is that Formal secures the Model Context Protocol layer – the MCP server that feeds data to AI agents. You’re not trusting a black box to make its own decisions. You’re governing exactly what goes in and out of it and by whom. You define and enforce policies, access, stop leaks, and stay audit-ready – all without slowing down engineering.

This is how security leads in the AI era: not with red tape, but with infrastructure-aware enforcement.

Hack The Box is the Cyber Performance Center with the mission to provide a human-first platform to create and maintain high-performing cybersecurity individuals and organizations. Hack The Box is the only platform that unites upskilling, workforce development, and the human focus in the cybersecurity industry, and it’s trusted by organizations worldwide for driving their teams to peak performance. Offering an all-in-one environment for continuous growth, assessment, and recruitment, Hack The Box provides solutions for all cybersecurity domains. Launched in 2017, Hack The Box brings together the largest global cybersecurity community of more than 3.5 million platform members. Rapidly growing its international footprint and reach, Hack The Box is headquartered in the UK, with additional offices in the US, Australia, and Greece.

Promptfoo is an advanced red teaming and vulnerability management platform that helps teams identify and fix generative AI security risks before they reach production by integrating directly into the development pipeline. It scans LLM applications, MCP servers, agents, and models for vulnerabilities such as prompt injections, jailbreaks, and data poisoning, while enforcing custom security policies and providing detailed remediation guidance. Promptfoo’s specialized adversarial agents are trained to analyze each application’s unique attack surface and generate targeted probes that uncover natural-language vulnerabilities. By shifting security testing left, Promptfoo enables organizations to address issues early and cost-effectively, and is trusted by more than 100,000 developers and enterprises, including OpenAI, Anthropic, and AWS.

The SecOps Group (secops.group) is a CREST-accredited cybersecurity company trusted by Fortune 100 clients for its research-driven pentesting services. We offer specialized assessments across web, mobile, API, cloud, networks, and Red Team operations. Through our certification platform, pentestingexams.com, professionals can access 15 hands-on exams covering AppSec, network security, binary fuzzing, Red Teaming, and LLM pentesting—ranging from beginner to advanced levels. Over 75,000 professionals have taken our exams in the past two years. Visit our booth at Defcon 2025 and claim a FREE exam!

Triad Secure is a cutting-edge technology company dedicated to transforming cybersecurity operations through its innovative AI-driven platform, designed to address the growing challenges faced by Security Operations Centers (SOCs) worldwide. By integrating all existing SOC tools into a single, intuitive interface, our platform normalizes and enriches data to deliver a unified, actionable view of alerts, significantly reducing triage time by over 50% and eliminating the need for extensive training across multiple systems. Built with multi-tenant support and visual automation tools, Triad Secure empowers MSPs and enterprises to streamline workflows, manage complex environments, and respond smarter and faster to threats, all while leveraging built-in threat intelligence and a seamless ticketing system, positioning us as a leader in scalable, efficient cybersecurity solutions.

The U.S. Army xTech Program, sponsored by the Assistant Secretary of the Army for Acquisition, Logistics and Technology, manages the Army’s prize competitions to award and accelerate transformative S&T solutions from small and non-traditional businesses that can help solve current challenges. Competitions offer a variety of potential opportunities to participants including cash prizes, the potential for follow-on contracts and opportunities to participate in accelerator programming that provides education, mentorship and strategic exposure.